PKSFX self-extracting executable compressed file
application/zip
Magic Bytes
Offset: 0
50 4B 07 08
The PKSFX self-extracting executable compressed file is a specialized variant of the ZIP archive format originally developed and maintained by PKWARE. This format allows compressed data to be bundled with a small executable stub, enabling file extraction on systems without a dedicated decompression utility. Although this legacy format is generally safe for data storage, it incorporates an executable component that can potentially launch malicious code if the bundled stub has been altered.
Validation Code
How to validate .zip files in Python
Python
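def is_zip(file_path: str) -> bool:
    """Check whether the file starts with the signature above (magic bytes only)."""
    signature = bytes([0x50, 0x4B, 0x07, 0x08])
    with open(file_path, "rb") as f:
        # A file shorter than 4 bytes yields a short read and compares unequal.
        return f.read(4) == signature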
How to validate .zip files in Node.js
Node.js
function isZIP(buffer: Buffer): boolean {
  const signature = Buffer.from([0x50, 0x4B, 0x07, 0x08]);
  return buffer.subarray(0, 4).equals(signature);
}
Go
import "bytes"

// IsZIP reports whether data starts with the signature above (magic bytes only).
func IsZIP(data []byte) bool {
	signature := []byte{0x50, 0x4B, 0x07, 0x08}
	if len(data) < 4 {
		return false
	}
	return bytes.Equal(data[:4], signature)
}
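The snippets above compare only the first four bytes, so any file that begins with 50 4B 07 08 passes them. The following is an added example, not code from this page's author. It goes one step further and confirms that a readable ZIP structure with intact member checksums follows the signature, without extracting anything. The names `inspect_archive` and `constructed_sample` are hypothetical, and the sample input is constructed on the assumption that the archive body directly follows the four signature bytes.

```python
import io
import zipfile

# Signature listed on this page for offset 0.
SIGNATURE = bytes([0x50, 0x4B, 0x07, 0x08])


def inspect_archive(data: bytes) -> dict:
    """Check the leading signature, then the ZIP structure, without extracting."""
    report = {"signature_ok": data[:4] == SIGNATURE, "parses": False,
              "members": [], "problems": []}
    if not report["signature_ok"]:
        report["problems"].append("leading bytes are not 50 4B 07 08")
        return report
    try:
        # zipfile locates the central directory from the end of the data,
        # so bytes placed in front of the archive body do not prevent parsing.
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            report["parses"] = True
            report["members"] = zf.namelist()
            bad = zf.testzip()  # reads every member and verifies its CRC-32
            if bad is not None:
                report["problems"].append(f"CRC mismatch in {bad}")
    except zipfile.BadZipFile as exc:
        report["problems"].append(f"signature matched but structure is unreadable: {exc}")
    return report


def constructed_sample() -> bytes:
    """Constructed input: the page's 4 bytes followed by a small stored archive."""
    body = io.BytesIO()
    with zipfile.ZipFile(body, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("readme.txt", "constructed sample content")
    return SIGNATURE + body.getvalue()


if __name__ == "__main__":
    good = constructed_sample()
    for label, blob in [("intact", good),
                        ("altered member", good.replace(b"sample", b"SAMPLE")),
                        ("signature only", SIGNATURE + b"no archive here")]:
        print(label, inspect_archive(blob))
```

All three constructed inputs pass the four-byte check; only the structural pass separates the intact archive from the altered and truncated ones.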
API Endpoint
GET
/api/v1/zip
curl https://filesignature.org/api/v1/zip